Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C20F5BCECD6811EFBBCB054B762E951A.roa
File: C20F5BCECD6811EFBBCB054B762E951A.roa (raw, json)
Hash identifier: v3RKdhoNcjyoe/YXBd/zDsbnhcDx8PfWKqg90vzirOM=
Subject key identifier: D5:FB:E6:9D:5C:0F:E9:D6:0B:4E:31:74:D6:C2:58:AD:F6:BE:CE:90
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FF57
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C20F5BCECD6811EFBBCB054B762E951A.roa
Signing time: Wed 08 Jan 2025 02:32:09 +0000
ROA not before: Wed 08 Jan 2025 02:32:05 +0000
ROA not after: Sat 13 Dec 2025 02:32:05 +0000
asID: 984
IP address blocks: 156.247.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65367 (0xff57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 02:32:05 2025 GMT
Not After : Dec 13 02:32:05 2025 GMT
Subject: CN=677de3a9-1bd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f5:b1:bc:c2:d9:0b:c0:8c:9d:73:8d:63:8e:
ed:02:fb:8c:f2:f5:b3:04:15:88:7c:41:fd:c3:6b:
57:b1:5c:40:b0:0a:b7:01:f5:27:de:39:e0:20:cf:
7b:09:11:d1:44:13:ea:72:a4:45:6f:76:97:d0:bd:
8f:62:13:51:3a:b8:c9:61:2c:1d:56:ca:67:56:b5:
43:72:ff:29:95:36:c4:2a:a2:9c:78:d6:2a:4d:ff:
5e:ec:68:27:a1:b2:ae:9b:72:0d:9f:45:a4:66:95:
bd:94:d9:f5:71:31:44:17:12:6a:4e:ab:f4:ea:6b:
b1:59:ee:8d:4f:38:34:82:29:04:2b:06:67:46:dc:
0a:0b:a5:9a:e1:eb:b5:30:f4:e3:3b:c0:f9:1e:2e:
09:e6:1e:95:10:5e:a0:4c:a9:8c:d1:b1:11:d2:c9:
29:27:ab:7a:04:42:e8:1f:2f:33:40:f6:f1:2e:ee:
bc:db:5e:e5:f8:b9:20:2a:d4:a0:ca:08:88:e5:93:
a7:fd:ae:c0:bf:f2:01:99:a9:67:e6:da:0d:af:89:
4d:34:a5:50:96:96:8e:11:7d:37:72:f2:24:95:94:
51:c8:e8:7f:01:ff:45:2d:25:05:8b:2a:f3:c4:09:
7d:7c:39:b2:1a:d0:4b:e8:6f:b6:dc:d5:b6:a5:21:
43:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:FB:E6:9D:5C:0F:E9:D6:0B:4E:31:74:D6:C2:58:AD:F6:BE:CE:90
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C20F5BCECD6811EFBBCB054B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.119.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:6d:e1:1f:b7:31:1b:f3:ad:c5:90:0f:f5:fe:7e:38:a1:ed:
7f:52:dd:1c:a1:83:c9:1a:34:7e:29:6c:74:8f:e2:ce:53:23:
5b:00:8c:c5:15:40:86:f2:c1:40:b7:da:d3:ba:46:5e:a1:a4:
9a:bc:cb:83:67:17:c1:ce:f1:d4:6d:8f:91:43:59:9b:a0:49:
1e:fe:65:09:c4:bf:ff:11:93:6e:19:b0:27:67:58:69:34:78:
3e:6c:e6:5c:38:3e:0f:03:f5:8f:10:8e:29:5c:56:4d:4b:03:
cd:a9:55:14:97:a6:51:04:65:bd:15:a2:2c:1d:0a:d1:b5:7a:
7f:8b:97:d0:f7:e8:50:7f:30:ba:c5:76:2e:be:d1:b6:f6:3a:
4c:30:b1:47:22:76:63:78:a8:c7:25:95:23:96:ed:23:46:3c:
0c:fc:65:f9:9c:77:35:09:1c:ed:e3:40:8d:79:49:81:70:25:
15:c2:e8:0d:88:66:9b:fd:33:a4:55:57:7c:d7:ad:89:4f:15:
b6:b2:64:9c:2d:2f:b2:f9:88:e0:bd:f4:a0:8f:93:5d:7d:a4:
d9:e8:c3:10:98:df:13:33:cc:69:7b:a1:12:e4:5b:5a:bd:9e:
1b:78:36:f5:0b:f1:c9:f3:4e:63:99:6b:6f:72:19:30:da:95:
b1:91:1c:97
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP9XMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDIzMjA1WhcNMjUxMjEzMDIzMjA1WjAYMRYw
FAYDVQQDEw02NzdkZTNhOS0xYmQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt/WxvMLZC8CMnXONY47tAvuM8vWzBBWIfEH9w2tXsVxAsAq3AfUn3jng
IM97CRHRRBPqcqRFb3aX0L2PYhNROrjJYSwdVspnVrVDcv8plTbEKqKceNYqTf9e
7GgnobKum3INn0WkZpW9lNn1cTFEFxJqTqv06muxWe6NTzg0gikEKwZnRtwKC6Wa
4eu1MPTjO8D5Hi4J5h6VEF6gTKmM0bER0skpJ6t6BELoHy8zQPbxLu68217l+Lkg
KtSgygiI5ZOn/a7Av/IBmaln5toNr4lNNKVQlpaOEX03cvIklZRRyOh/Af9FLSUF
iyrzxAl9fDmyGtBL6G+23NW2pSFDWQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNX7
5p1cD+nWC04xdNbCWK32vs6QMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DMjBGNUJDRUNENjgxMUVGQkJDQjA1NEI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPd3MA0GCSqGSIb3DQEBCwUA
A4IBAQAKbeEftzEb863FkA/1/n44oe1/Ut0coYPJGjR+KWx0j+LOUyNbAIzFFUCG
8sFAt9rTukZeoaSavMuDZxfBzvHUbY+RQ1mboEke/mUJxL//EZNuGbAnZ1hpNHg+
bOZcOD4PA/WPEI4pXFZNSwPNqVUUl6ZRBGW9FaIsHQrRtXp/i5fQ9+hQfzC6xXYu
vtG29jpMMLFHInZjeKjHJZUjlu0jRjwM/GX5nHc1CRzt40CNeUmBcCUVwugNiGab
/TOkVVd8162JTxW2smScLS+y+YjgvfSgj5NdfaTZ6MMQmN8TM8xpe6ES5FtavZ4b
eDb1C/HJ805jmWtvchkw2pWxkRyX
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:54 2025 by rpki-client